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(57) Abstract 

The present invention comprises a method 2nd apparatus for enforcing software licenses for resource libraries such as an application 
program interface (API), a toolkit, a framework, a runtime library, a dynamic link library (DLL), an applet (e.g. a Java or ActiveX applet), 
or any other reusable resource. The present invention aliows the resource library to be selectively used only byauthonzed end user software 
programs. The present invention can be used to enforce a "per-program" licensing scheme for a resource library whereby the resource 
library is licensed only for use with particular software programs. In one embodiment, a license text string and a corresponding license 
key are embedded in a program that has been licensed to use a resource library. The license text suing and the license key are supplied, 
for example, by a resource library vendor to a program developer who wants to use the resource library with an end user program being 
developed. The license text string includes information about the terms of the license under which the end user program is allowed to use 
the resource library. The license key is used to authenticate the license text string. The resource library in turn is provided with means for 
reading the license text string and the license key, and for determining, using the license key, whether the license text string is authenuc 
and whether the license text string has been altered. Resource library functions are made available only to a program having an authentic 
and unaltered license text string. 
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METHOD AND APPARATUS FOR ENFORCING SOFTWARE LICENSES 



BACKGROUND OF THE INVENTION 

5 1. FIELD OF THE INVENTION 

The present invention relates generally to the distribution of computer 
software, and more particularly to a method and apparatus for automated 
enforcement of computer software licenses. 



10 



2. BACKGROUND ART 



Some computer software programs use so-called "resource libraries" to 
7: vow;. j p;;rt of thc?v functionality Tn-.::<: is illy z -ironr. - vos rr-^ired t>> 
15 use a resource library. I = . : current schemes, it is not always possible lo 
charge the license fee to all users of a resource library. This problem can be 
understood by comparing software structures that use resource libraries with 
basic software structures that do not. 

20 Basic Softw are Structure 



Figure ] illustrates a basic software structure. In the example of Figure 
1, the software comprises two layers. These layers are the operating system 
110, and the application program 120. Operating system 110 is responsible for 
25 controlling the allocation and usage of hardware resources such as memory, 
central processing unit (CPU) time, disk space, and peripheral devices. 
Operating system 110 provides a variety of specific functions that can be 
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utilized by a variety of software programs such as application program 120. 
Application program 120 provides specific end user functions, such as word 
processing, database management, and others. Application program 120 
communicates with the computer hardware via functions provided by 
operating system 110. Operating system 110 provides an interface between 
hardware 100 and application program 120. 

Resource Librarips 



10 



Figure 2 illustrates a second software structure. The software structure 
of Figure 2 contains an additional layer of software, resource library 215, 
interposed between application program 220 and operating system 110. 
Resource library 215 provides a pre-packaged set of resources or routines that 
con Lo .-..-xcss^d by ware pre,>>..;us such as application prcc-am 22i) dur;"... ; 
ID tr..<ez;:-::>n. - •i; s y-s p,- higher h--r.., functions th::n -those 

provided by operating system 210. For example, these resources may provide 
routines for managing a graphical user interface, for communicating with 
other computers via a network, or for passing messages between program 
objects. Typically, resource library 215 provides one or more resources or 
20 functions that can be used by many different software programs. By using the 
pre-packaged resources provided by resource library 215, a software program 
such as application program 220 can be made smaller and program 
development rime can be shortened because the program itself need not 
include code to provide the functions provided by resource library 215. 

25 
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In addition to application programs, resource libraries are used by other 
types of software programs, including device drivers, utility programs and 
other resource libraries. 

Resource library 215 constitutes any set of one or more resources that 
exists separately from an application program or other software program and 
that can be used by more than one software program. For example, resource 
library 215 may comprise an application program interface (API), a toolkit, a 
framework, a resource library, a dynamic link library (DLL), an applet, or any 
other reusable resource, including an application program that can be accessed 
by another program (e.g. by using object linking and embedding (OLE)). 
Examples of resource libraries include Windows DLL's (DLL's used with the 
Microsoft Windows (TM) operating environment), the Apple Macintosh (TM) 
to*:-' U-,. t'v.. ;;prv::r~p A;. : fr 0 i-, : ; r.XV 3o;i-w,.r- Inc.. OLE -" bled -p/.iicr -i.xn 
programs w*.dn as Microsoft Word (TM), Java packages, and ActiveX applets. 

A software program typically utilizes a resource provided by a resource 
library by sending an appropriate message to the resource library and 
supplying the parameters required for the resource to be executed. Assuming 
20 the appropriate parameters have been supplied, the resource executes, and an 
appropriate response message is returned to the requesting program. 

A software program may use resources provided by several different 
resource libraries, a resource library may be used by several different programs, 
25 and a resource library may itself use other resource libraries. Figure 3 

illustrates a computer system that includes several programs and several 
resource libraries. In the example of Figure 3, there are two application 
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programs 300 and 310, and three resource libraries 320, 330, and 340. 
Application program 300 uses resources provided by operating system 110 and 
by resource libraries 320 and 330. Application program 310 uses resources 
provided by operating system 110 and by resource libraries 330 and 340. The 
resources of resource library 330 are thus shared by application programs 300 
and 310. 

License Fee 



10 



20 



Generally, computer software is licensed to an end user for a fee. The 
end user pays a single purchase price or license fee in exchange for the right to 
use the end user program on a computer system. Resource libraries are often 
packaged or "bundled" with an end user program by the maker of the program 

" UCit fhN ' ihr '•'• d • recf-lvr-s a copy of resource iibrarie.* iw.ujred by •• 
P rc 'l •■■ lVheri the <k±< buy : jy of the program. The pi.ee of the 
resource library is built into the end user program price. The end user 
program developer, in turn, pays a royalty to the resource library vendor for 
the right to bundle and resell the resource library. 



Since a resource library can be used with multiple end user programs, 
once the end user receives a copy of the resource library, the end user can use 
the resource library with any other program that is compatible with the 
resource library. In this case, the resource library vendor receives no 
additional revenue when the vendor's resource library is used with additional 
25 programs. Accordingly, it would be desirable for a resource Library vendor to 
be able to ensure that an end user can use the resource library only with 
programs for which a license fee has been paid to the vendor for use of the 
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resource library. Thus there is a need for a software mechanism for enforcing 
software license agreements that automatically ensures that a resource library 
can only be used by programs that have been licensed for use with the 
resource library by the resource library vendor. 
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SUMMARY OP THP INVENTION 

The present invention comprises a method and apparatus for enforcing 
software licenses for resource libraries. The term "resource library" as used 
5 herein refers to any reusable software resource that is usable by more than one 
program or other resource library. The term "resource library" includes, but is 
not limited to, an application program interface (API), a toolkit, a framework, 
a runtime library, a dynamic link library (DLL), an applet (e.g. a Java or 
ActiveX applet), an application program whose functionality can be accessed 

10 by other programs (e.g. using OLE) or any other reusable resource. The present 
invention allows the resource library to be selectively used only by authorized 
end user software programs. The present invention can be used to enforce a 
"per-program" licensing scheme for a resource library whereby the resource 
■jhieK-y -j iio€r*.---ii! only tor •>;-•- wit;. : „irt5.-; :.! -.r sof^varo :,i'ns:.-ani;?, as •<*.•■ -.41 c«- 

>.b ^xt.r ;.cc : • --.-s and other licensing schemes. 

In one embodiment, an access authorization indicator such as a license 
text string and a corresponding license key are embedded in a program that 
has been licensed to use a resource library. The license text string and the 
20 license key are supplied, for example, by a resource library vendor to a 

program developer who wants to use the resource library with an end user 
program being developed. 

The license text string includes information about the terms of the 
25 license under which the end user program is allowed to use the resource 

library. In one embodiment, the license key is an algorithmic derivation, such 
as, for example, a digital signature, of the license text string that is used to 
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authenticate the license text string. The resource library in turn is provided 
with a checking routine that includes means for reading the license text string 
and the license key, and for determining, using the license key, whether the 
license text string is authentic and whether the license text string has been 
5 altered. Resource library functions are made available only to a program 
having an authentic and unaltered license text string. 

In one embodiment, the license key constitutes the resource library 
vendors digital signature of the license text string. The resource library has a 

10 checking routing for verifying the resource library vendor's digital signature. 
The resource library is unlocked and made available for use with the 
requesting program only if the license text string is verified as authentic by the 
resource library. For a given program, only the resource library proprietor can 
n?.v..iucc r; -icer s ->- V - y :V.r a particular i:.-yjv=c ;iyy:':e*.vx.j.\K ifr*r vviH wlock rh* 

J resource i^ary for that program and ihat pro-^a^\ ci^y . ;\r\y mcdit'ication of 
the license key or the license agreement text string in the requesting software 
program is detected by the checking routine, causing the resource library to 
remain locked. The license text string may also specify an expiration date for 
the license, in which case the resource library is unlocked only if the 

20 expiration date has not yet occurred. 

In one embodiment, a per-site enforcement method is provided, in 
which any software program present at a given user site works with the 
resource library once the resource library is provided with the proper per-site 
25 license key. 
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BRI EF DESCRIPTION OF THE nRAWTMry 

Figure 1 illustrates an example of a software structure. 

5 Figure 2 illustrates an example of a software structure including a 

resource library. 

Figure 3 illustrates an example of a software structure including several 
application programs and resource libraries. 

10 

Figure 4 illustrates an embodiment of a computer system that can be 
used with the present invention. 

'• 0 "• r.n.r:.- re Strch.vr;- • :.£ c&V» embctvft-en; ~f the 

15 pr_. invention. 

Figure 6 illustrates a software structure of one embodiment of the 
present invention. 

20 Figure 7 is a flow chart illustrating the operation of one embodiment of 

the present invention. 

Figure 8 illustrates a software structure of one embodiment of the 
present invention. 

25 

Figure 9 illustrates a software structure of one embodiment of the 
present invention. 
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Figure 10 is a flow start illustrating the operation of one embodiment of 
the present invention. 

5 Figure 11 is a flow start illustrating the operation of one embodiment of 

the present invention. 

Figure 12 is a flow start illustrating the operation of one embodiment of 
the present invention. 

10 

Figure 13 illustrates a software structure of an embodiment of the 
present invention using the OpenStep API. 

5 resource library is an applet. 
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DETAILED DF^CRIPTI ON OF THE TNJVFNfnONT 

A method and apparatus for enforcing software licenses is described, in 
the following description, numerous specific details are set forth in order to 
5 provide a more thorough description of the present invention. It will be 

apparent, however, to one skilled in the art, that the present invention may be 
practiced without these specific details. In other instances, well-known 
features have not been described in detail so as not to obscure the invention. 

10 Computer Syst^^ 

The present invention can be implemented on any of a variety of 
computer systems, including, without limitation, network computers, special 
pui~-.:- e ..••••rmiiur,.*, and -^ xm-.a' purp-^ ron-puwrs --ch p* she !«?.---.~ rg .« 
15 purpose compul . ;- • . :. : ure 4. The computer L v v ,:..„.,-, shown in 

Figure 4 includes a CPU unit 400 that includes a central processor, main 
memory, peripheral interfaces, input-output devices, power supply, and 
associated circuitry and devices; a display device 410 which may be a cathode 
ray tube display, LCD display, gas-plasma display, or any other computer 
20 display; an input device 430, which may include a keyboard, mouse, digitizer, 
or other input device; non-volatile storage 420, which may include magnetic, 
re-writable optical, or other mass storage devices; a transportable media drive 
425, which may include magnetic, re- writable optical, or other removable, 
transportable media, and a printer 450. The computer system may also 
25 include a network interface 440, which may include a modem, allowing the 
computer system to communicate with other systems over a communications 
network such as the Internet. Any of a variety -of other configurations of 
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computer systems may also be used. In one embodiment, {he computer 
system comprises an Intel Pentium (tm) CPU and runs the Microsoft 
Windows 95 (tm) operating environment. In another embodiment, the 
computer system comprises a Motorola 680X0 series CPU and runs the 
5 NeXTStep operating system. 

When a computer system executes the processes and process flows 
described herein, it is a means for enforcing software licenses. 

10 The invention can be implemented in computer program code in any 

desired computer programming language. 

Lic ensing Module 

IS I-'igure 5 is a rice:-, dife^rau: : - rating softvv:ue components of one 

embodiment of the present invention. As shown in Figure 5, this 
embodiment, like the prior art embodiment of Figure 2, includes computer 
hardware 100, operating system 110, application program 220 and resource 
library 215. However, the present invention adds two additional components: 

20 Program licensing module 500 and resource library licensing module 510. 
These modules are shown in greater detail in Figure 6. 

Figure 6 illustrates program licensing module 500 and resource library 
licensing module 510 in one embodiment of the present invention. As 
25 shown in Figure 6, program licensing module 500 contains license text string 
600 and license key 610. License text string 600 contains data specifying terms 
of the software license agreement under which the resource library vendor 
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has licensed the program containing program licensing module S10 to use the 
vendor's resource library. For example, license text string 600 may include the 
following text: 

Table 1: FYampTo License Teyt String 

•(c) Copyright 1997. Resource Library Vendor. Inc. Program A is 
licensed to use Resource Library D. No expiration date ^his 
P rogral? ay ^ * C ° Pied ° r '""sferred to an^thef 

In the example shown in Table 1, license text string 600 specifies the name of 
the resource library vendor ("Resource Library Vendor, Inc.), the name of the 
program licensed to use the resource library {"Program A"), and the name of 
the resource library that has been licensed ("Resource Library D"). License text 
string 600 also indicates that the license has "No expiration date." 



r. J.;,... f ;.' ... -:;?,."•=':• i.rr.5: •: ■ s ■■■■■ . • j f. !-;.<-• •• • - „ . •»- 
•-' - vl - itx.:-.- ■ ■•: :c. . .j ,'t : ~ > »>'.J. 

m one embodiment, license x,-y ■ .,0 comprises a digital signature of the 
20 resource library vendor. 

t 

A digital signature is a mechanism that has been developed to help 
ensure the integrity of electronic messages. A digital signature is used to 
authenticate an electronic message and to determine whether an electronic 
25 message has been altered. 

One form of digital signature uses a message digest. A message digest is 
a value that is generated when an electronic message is passed through a one 
way encryption process ("digesting process") such as a hashing routine. An 
30 idea] digesting process is one for which the probability that two different 

electronic messages will generate the same message digest is near zero. In this 
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form of digital signature, both the originator and the recipient need to know 
which digesting process is being used. The originator generates the electronic 
message, and generates a message digest by passing the electronic message 
through the digesting process. The originator digitally signs the resulting 
5 message digest, for example by performing an algorithmic operation on the 
message digest using the originator's private key. Alternatively, instead of 
generating a message digest and signing the message digest, a sender may sign 
the message itself. 

10 To verify the authenticity of a digitally signed message, the recipient 

obtains the electronic message and the digital signature of the sender. The 
recipient verifies the digital signature using an appropriate verification 

process. For example, in one embodiment, the recipient verifies the digital 
:*\:.;;.nrr:uj:o by r«- fonV'iru ari r.!ii*jr:>V -• -^c v^rsss r. : , -hr; c : :.-..it«3 ■ — 

15 the sender's publk key. The verii'ication process verifies thai :iectronic 
message was (1) digitally signed by the sender, and (2) that the electronic 
message content was not changed from the time that it was signed to the time 
that the digital signature was verified. 

20 In the present embodiment of the invention, the "message" that is 

digitally signed is license iext string 600. The signer is the resource library 
vendor. The result is license key 610. 

License text string 600 and license key 610 are used by resource library 
25 licensing module 510 to verify that a requesting program has been licensed to 
use the resource library. As shown in Figure 6, resource library licensing 
module 510 includes a license verification module 620. When a program 
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requests access to the resource library, resource library licensing module 510 
reads license text string 600 and license key 610 from the requesting program. 
In one embodiment, license text string 600 and license key 610 are sent io the 
resource library by the requesting program along with a request /or access to 
5 the resource library. In another embodiment, resource library licensing 
module 510 reads license text string 600 and license key 610 from a constant 
definition section of the requesting program. 

Resource library licensing module 510 uses license key 610 to verify the 
10 content of license text string 600 in the same manner as a digital signature is 
used to verify an electronic message. Using license verification module 620, 
resource library licensing module 510 verifies that license text string 600 is 
authentic (i.e. was generated by the resource library vendor) and unaltered. If 

i; , r.G;,-«:: ..: 3 sr the div.ite' signi»s~.«r.-: is 



15 nor svocj, .ourf- \,: Jtii .i:y . .s;..g meriui . : -.efuses the requesting 

program's request for access to the resource library. If the verification process 
is successful, resource library licensing module 510 inspects the license to 
determine any license limitations included in license text string 600. 

20 The example license text string 600 shown in Table 1 above identifies 

"Program A" as the program that is licensed to use the resource library, and 
states that the license has "No expiration date." Resource library licensing 
module 510 obtains the name of "Program A" from license text string 600, and 
checks whether the requesting program is Program A. If the requesting 

25 program is a program other than Program A, access to the resource library is 
denied. ■ 
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Rather than specifying "No expiration date" as in th^ present example, 
license text string 600 may specify an expiration date and /or a beginning date 
for the license. If any such dates are specified in license text string 600, 
resource library licensing module 510 checks to make sure that the current 
5 date falls within the period of validity of the license prior to granting access to 
the resource library. If the current date is not within the license's period of 
validity, the requesting program is denied access to the resource library. 

Access Procedure 

10 

The process used by a resource library to grant or deny access to a 
requesting program in one embodiment of the invention is illustrated in 

Figure 7. In one embodiment, this process occurs the first time a program 

vi'.:i3. ..vjcc::- io n- * c m '-~-.ircr '-vary. ! -. an^iv-r riTyjbodir-v nt, live ;;ro-::/:s 
15 occurs each lime trv» wurce library receives a request for access. 

As shown in Figure 7, the process begins with a requesting "program 
making a request to use the resource library at step 700. At step 705, the 
resource library obtains the requesting program's license text and license key. 
20 The license text and license key may, for example, be included in the request, 
or the resource library may read the license text and license key from a 
constant declaration area of the requesting program, or the resource library 
may obtain the license text and 3icense key by some other means. 

25 After obtaining the license text and license key, the resource library 

verifies the authenticity of the license text, using the license key, at step 710. 
At step 725, a the resource library determines whether the verification is 
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successful. If the authenticity of the license text is not verified, access to the 
resource library is denied at step 730. 

If the verification of the authenticity of the license text is successful, the 
5 resource library checks the license terms included in the license text at step 
735. At step 740, the resource library determines whether a limited validity 
period is specified in the license text. If no validity period is specified, the 
- process continues on to step 755. If a validity period is specified, the resource 
library checks whether the validity period has expired at step 745. The validity 
10 period will have expired either if the current date is before a beginning date 
specified in the license text or if the current date is after an expiration date 
specified in the license text. If the validity period has expired, access to the 
resource library is denied at step 750. 

*° ir v £ .ii..'iiy period has not expiree*., , > ■ ucea^r.-^ : -. Te£ - cc -•--.5 

Ai .step 755, the resource library determines whether the requesting program is 
the same program as the program specified in the license text. If the 
requesting program is not the program specified in the license text, access to 
the resource library is denied at step 760. If the requesting program is the 
20 program specified in the license text, the resource library checks whether there 
are any other license terms contained in the license text at step 765. If there 
no other license terms, access to the resource library is granted at step 770. If 
there are other license terms, the resource library checks whether those terms 
are satisfied at step 775. If the terms are not satisfied, access to the resource 
25 library is denied at step 780. If the terms are satisfied, access to the resource 
library is granted at step 785. 



are 
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The invention may be implemented in the Objective-C language. 
Objective-C is essentially the ANSI C language with object messaging 
extensions. A full description of the Objective-C language appears in "Object- 
Oriented Programming and the Objective-C Language/' published by Addison- 
5 Wesley (ISBN 0-201-63251-9) (1993), and incorporated by reference herein. 
However, the invention can also be implemented in any other suitable 
computer programming language. 

As described below, the invention can be implemented by embedding 
10 appropriate segments of program code in the source code of a program that 

uses a resource library and in the source cede of the resource library itself. The 
resource library is compiled to produce an executable implementation which 
can be linked to a compiled and executable version of the program. 

i 5 Application Pi c^ r*,- i ,. vj erf ace [APT] 

In one embodiment of the invention, the resource library is an 
application program interface ("API"). An API has three major functions: it 
receives requests from an application program to carry out fundamental 
20 operations such as receiving user input or displaying output; it converts each 
request into a form understandable by the particular operating system then in 
use; and it receives responses and results from the operating system, formats 
them in a uniform way, and returns them to the application program. 

25 APIs generally are prepared in an executable implementation which is 

compiled specifically for the underlying operating system. This is necessary 
because different operating systems provide different calling mechanisms and 
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eommunications methods for such primitive operation, as reading and 
writing a mass storage deviee. For example, an AP, may provide . - draw(x 

function that can be ca]]pd hv 9n Q i- . 

n oe called by an appl.cahon program to draw a point at 

coordinates (x, y , on the display device of a confer system. Upon _ ipt of . 
draw,*,) req ues, from an application progranl/ ^ ^ ^ ^ 
■nto a command or function ca„ specific to the operating system then in use 
For exampie, the API might convert the drawOc.y, reoues, into a series o, 

machine instructions to load register* wM, *u 

a renters with the x,y values and cal] an 

operating system function or generate an 
in , generate an interrupt. The person writing the 

application program need not worry about such details. 

m -me cases the Api ^ to ^ ca]]g Wtiong ioca ^ ^ ^ 

^unction library such as a set of device drivers rather than directly calling the 

C; •r-r.-tinnf svttr-.v. De\ e cX — .• -■ 

13 -i " -Fating sy.^em to addrc ia and worx v-i D pv«, ■• . , 

1 P ai - hardware devices 

such as video adapters and printer* rw., 

er " Uevj ce drivers also constitute a form of 

resource library. 

Depending on the operating syslem, the AP, can be prepated in any of 
20 severs, executable formats such as a runtime horary, device linked library 
(DLL), or other executable file. The AP, is provided to the end user in one of 
these object code versions, or -implementations,- of the API. In industry 
usage the term AP, can refer to a definition or specification o, functions in the 
API, to the source code of the AP, that implements such functions, or ,o the 
25 executable version of such source code which is ultimately distributed ,o and 
used by end users. Examples of AP,s are the OpenS.ep API, avai.able from 
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NeXT Software, Inc., Redwood City, California, and the Visual Basic DLL 
available from Microsoft Corporation, Redmond, Washington. 

The term API as used herein also includes the Java programming 
5 language. Rather than being distributed in executable form, Java programs are 
distributed as packages of "bytecodes." The bytecodes are compiled at runtime 
into executable code by a Java Virtual Machine (JVM) resident on the 
computer on which the Java program is run. Different JVM's are used for 
different computer processors and operating systems. However, all JVM's 
10 read the same bytecode. Accordingly, Java bytecode programs and packages are 
platform independent. Java bytecode programs and packages need only be 
written in one form. The JVM's take care of adapting the bytecode to different 
computer platforms. Packages of Java bytecode can be used by different Java 
-rc^ramc. and. i-: si conc^*ute ^rov.r":*: Vibrsii^c. 

Generally the end user can buy the executable version of the API 
implementation separately from any particular application program from its 
creator or vendor, or the end user may buy the API implementation bundled 
with an application program that requires and uses the API to rim. 

20 

In either case, the API implementation is installed in executable form 
in the end user's computer system (typically by copying it to a mass storage 
device such as a hard disk). After the API implementation is installed, the 
end user can launch (begin running) an application program which uses the 
25 API implementation. The application program locates the API 

implementation on the hard disk and references, calls, or is linked to the API 
implementation. In operation, when the application program needs to carry 
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out an operation implemented in the API implementation, such as drawing a 
line on the screen, the app Jication pmgTam ca]Js ^ ^ 

the API imputation. The appropriate function in turn tells the operating 
system (or the device independent windowing extensions, or another device 
5 driver) how to execute the desired operation. 

A significant advantage of the use of APIs is that an application 
program, such as a word processor, can be written to communicate only with 
the API, and not with the operating system. Such an application program can 
10 be moved or ported to a different operating system without modifying the 
program source code. Because of this, application programs written for APIs 
are said to be operating system independent, meaning that the application 
program source code can be moved without modification to another 
computer sysier, having » -ferent rating sy^,, reco^iieo ,nd 
" ""^ WJU1 - J ' ] - P«H«d /or ^ -, ts , ystem . The 

ao,l,ty to move unmodified application source code to different operating 
systems is a key advantage of using APIs. 

However, from the point of view of API vendors, APIs also have the 
20 significant disadvantage that an end user needs only one copy of the API to 
run multiple application programs which are compatible with the API. Since 
the API provides generic input, output, and processing functions, it will work 
with a variety of different end user application programs. Some software 
vendors desire to restrict use of their API implementations to one application 
25 or to require the end user to purchase a key to the API for each application 
acquired by the end user, so that the end us,r pays a different or larger fee to 
use additional application programs. 
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The present invention provides a way to arrange a resource library such 
as an API to work only with particular authorized application or other end 
user programs. 

5 

API License Embodiment 

As is well known in the art, the source code of a computer program can 
be divided into several components including a variables declaration area, a 

10 constant declaration area, and a procedure definition area. Figure 9 illustrates 
an embodiment of the present invention that is used with an API. As shown 
in Figure 9, in this embodiment, an application program 900 is provided with 
a TJcenseKeyString constant 902 and a LicenseAgreementString constant 904 
: *he •• ; d^x.U-'dorrS r«rca of C. - % . npp^k^vion ogr?vo''s source cc~-;. 

15 In the embodiment oi rigure 9, LicenseKeySvriny '-02 anu 

LicenseAgreementString 904 are declared as global string constants. 

In one embodiment, LicenseAgreementString 904 contains a text string, 
prepared by the vendor of the API, that describes in human readable text the 
20 license restrictions concerning use of the API applicable to the application 
program. For example, the LicenseAgreementString may read, "This API is 
licensed for individual internal use only for concurrent use only with Word 
Processor application program." The specific text of the 

LicenseAgreementString is prepared by the licensor of the API. The text can be 
25 any arbitrary combination of words/symbols, or numbers. 
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upon th TO : LiCenSeKeySWne ~ • copending to and based 
d ,h ; LlC 7 eA8 ~^ «■ *- the UeenaeKeyString 

can be a dtgtta, signature o, the LicenseAgreememSttng prepared J " 

providing , he UcenseAgreementSWne a nH • 
5 .dio.,.1 ■ m entStnng and a private key of the API vendor to 

^ ™ 1— -Utod 0/ generating the 

generate a unioue LicenseKeyString corresponding to the 
UcenseAgreetnentSbing. ^ vahaes of the two strings are created fcy ^ 

-do, of th AP] md are provjded (o pmOT ^ y 

: : d r: end user app,ica,ion — - — - - - — 

can end the two strutg va.ues to the appheation progr. m deve,oper by e- 
P'ace the strtng oeciarahons in the source code of the devekper, end user 

r - .Jit, tjue a .1 V:_r.cJOi* rv 



20 



25 922 



:: ' '• ; ; a n " keep — — «» a* *e c, 

~~ appbeahon program Tbe two strings are cotnpHed into the executabie 

Thts b.nds the LicenseKeyString and LieenseAgreetnentString into the 
executable code (or bvtecode) of the appbeation program. 

As further shown in Figure 9, API 920 is provided with an UNLOCK 

LtcenseKeyStnng matches the LieenseAgreetnentString. ,n the etnboditnen, 
of fig™ 9. the CHECK UCENSE function 923 ineiudes sub-function CHECK 
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API Procedure 

Figure 10 is a flow diagram of processing steps of the UNLOCK function 
923. The process of Figure 10 may, for example, be carried out at runtime, 
5 when both the application program and the API are compiled, linked, and 
running. 



WO 99/05600 



The UNLOCK function is called by the API upon initialization of the 
API, for example, upon being called by application program 900 or by some 

10 other calling function, object, or program (the "calling entity"). Processing 

begins at step 1002. The UNLOCK function first checks to see whether the API 
has been provided with a site license that allows the API to be used with any 
calling entity on the computer in which the API has been installed. In this 
;--r:bec:-^nt / ■• ■ se ic by -dding £ip»"':;prisle 

15 LkxT;iv.;veyString and LicenseAgreementStrmg to the APi :vh-u ;..e API is 
installed. This process is described in greater detail below. An appropriate 
LicenseAgreementString may, for example, be "API site license granted. This 
API may be used with any application program at the site at which it is 
installed." The corresponding appropriate LicenseKeyString may, for 

20 example, be derived by applying the API vendor's private key and a digital 
signature process to the LicenseAgreementString. 

The process of checking for a site license begins at step 1004 where the 
UNLOCK function locates and extracts (to the extent they have been provided 
25 to the API) a LicenseKeyString and a LicenseAgreementString from within the 
API. Control is then passed to step 1006 where the function tests whether the 
API is licensed under a site license for unrestricted use with any application 
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Program. The test of steo inns • 

a^, if authentic, delerm «~« - AP], 

ft" a site license has been granted. U *™ eA ««««HSlA 1 g indicate 

5 

- a ^ of the API * 

'0 authentication (T)SA1 ^ "** " digHa] Mature 

UcenseAgreementstn" ^ ^ °' «" 

The DSA process used by CHFTV 

**> »...:HH„ t i. ;sHon ' - S -- 2 ' « te any digitaj 

" 1 --pair-is c.» jt - 



8 '0" aI signature of the i n . - ■ 
app. opnate authentication process ,„ rf „ " '""J** =n 

"ng by testing whether the J c0 ^J*""*** «- of the in P u, 

-en, AppH ea h on Sena, No . 0S^ ~ ! "» ~* * «* 

20 ^a-ute Authentication ■ assigned j J *>< "W" 

~gy of PSA Data ^ , «* 
mention. A pet-sessiont^ T " — " « - - 
CHECK process. " *° lmpr ° Ve ««™ian spe^J of the 



25 



« the LicenseKeyString is determined -,„ be the AP, v A ■ 
digital signature of the L,W a vendor's valid 

, inspected ,0 determine ZlT^ 

tndtcates tha, a site license has been 
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granted. If the LicenseAgreementString does so indicate, thg test of step 1006 
succeeds and control is passed to step 1014. At this point the UNLOCK 
function returns a positive result to the calling entity, and allows the calling 
entity to use the API. 

5 

If the test of step 1006 fails, control is passed to step 1008 where the 
UNLOCK function extracts and reads the LicenseKeyString and 
LicenseAgreementString from a data segment (for example, the compiled 
constant declarations area) of the calling entity. Alternatively, the calling 
10 entity may transmit the LicenseKeyString and the LicenseAgreementString to 
the API. Having obtained the calling entity's LicenseKeyString and 
LicenseAgreementString, control is passed to step 1010 where the function 
teste whether the colling entity is licenced to use the API. This test comprises 
two :-z Or.- port, vr.ig f: ihTK £ ;:-.-.ccos -O. d-scrilw-j nbr.v,-. dr~-- vy-in^ 
° whether the Licei .scAgrcementS <t5~ £ is a LicenseAgreementString validly 
issued by the API vendor. A second part examines the 

LicenseAgreementString for the terms of the included license, and determines 
whether those terms are met. If the result is positive then control is passed to 
step 1014. At this point, use of the API with the calling entity is authorized 
20 and the API returns control to the calling entity so that the calling entity 
resumes norma] execution. 

If the result is negative then the calling entity is not licensed to use the 
API, and control is passed to step 1012. At step 1012 the API generates an error 
25 message such as "API Not Licensed For Use With This Application program," 
and declines access to the calling entity. 
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Steps 1006 and 1010 carry out tfco r 

UCENSE 92] shown £ "* °" «■ * *. CHECK 

snow " m figure 9 and Fi BU «» hp 
- CHECK LICENSE Action 92J are ^ J - 

The process flow of the CHECK LICFW^ a • 

ControIispassedtosteplio^H u " ^ "* " 02 - 

to step ] 104 where the CHECK UCENSF a ^ 

- UcenseKeySMng 902 , U„ nS e Agre e mentS ^ ^ " aSSembte 

-do,, pubiic key IJM as ■ «- a copy o, the AP, 

the CHECK function 922 a ... Preparation for calling 

tne CHECK function at step ] ] 08. 

l '- i£ ■ : J f • ~ • •"- * % . . 

35 itSei: ^ ur ns a fail state. If the *'IECK fun - ^^^i^..;^ 

runcriOii returns a Pice 

control is passed to steD ni9 - *. ° r true sia ^, 

— - - — ™ :r; e check m «— — - 
check uce.se J^r^zir^- At s,ep 

" 2 ™ £Sa « C » P— to .he UNLOCK function. 

« .he name o, the caMing entity „ correcl , ^ „ 

function tests whethor th» i • e ^"fcCK LICENSE 

* a, step „ J6 t L ~ g ~ S , ring contains an e*p iratj on 

p 1136. An exp IratJon date can fce ^ ^ ^ 

LtcenseAgreememSMng by the .API vendor to establi.* 

ate which use cl .he AP, bv the „• * *™™«on da,e 

by the caitag ^ „ no 
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5 



UCENSE may, for examp] e , test for an expiration date by searching for a text 
string that indicates an expiration date, such as, for example, "expiration date" 



If the test of step 1116 is positive, control is passed to step 1118 where the 
CHECK LICENSE function tests whether the current date, as maintained, for 
example by a computer clock or operating system, is greater than the 
expiration date found in the LicenseAgreementString. If the test of step 1118 
passes, control is passed to step 1120. If the test of step 1118 fails, then CHECK 
10 LICENSE returns a FAIL message at block 1124. 

At step 1120, the CHECK LICENSE function checks whether the 

LicenseAgrcc^03:L£tiing specifies any addition*! Kc^* terms. «.f t:, srj r ,,„ ; , c 
" ;; :r ;r ,n °< C ^ CK LiCT-NSF r.: - IV-:;: , v ;, orV -,, , ' 

5 are other terms, CHECK LICENSE determines whether those terms are met at 
block 1122. If any of the other terms are not met, CHECK LICENSE returns a 
FAIL message at block 1124. If all of the additional terms are met, CHECK 
UCENSE returns a PASS message at block 1126. 



20 The operation of the CHECK function called by CHECK LICENSE at 

block 1108 is illustrated in Figure 12. As shown in Figure 12, the purpose of 
the CHECK function is to verify the authenticity of a license agreement string 
by verifying that a corresponding license key string constitutes a valid digital 
signature of the license agreement string. The CHECK function begins at step 

25 1202 and receives as input a LicenseKeyString, a LicenseAgreementString, and 
a vendors public key in step 1203. Tne public key is generated by the resource 
library vendor using any known public/private key pair generation process, as 
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is we« Known in ,he fie,d of cryptography. ^ exBmp] ^ key 

*« HHptol Encryption (FEE, can be done, o, Diffie-Hetaan key generation 
can be used. 



S In step 3204 the CHECK function verifies thatthe LicenseKeyString 

comprises the digita, signahJre 0 , , he Li censeAgreemen,String. m step l 206 
the CHECK function tests whether the verification of step 1204 successful ' 
verified the LicenseKeyString as comprising the digital signature of the 
LteenseAgreementString. „ so , lhc LicenseAgreementString is va.id, m d 
10 CHECK returns a Boolean true or pass value. If not, the 

LicenseAgreementString is invalid, and CHECK returns false or failure. 

Since the LicenseKeyString of the present embodiment comprises fte 

: :i^vxl:-.-.-fit G ; -u s T .:., . . . 

"■ ' ■£■- = ■■trine, .ie • ....^.c... • 

15 ,,„no, be changed in any way without :i , ,:, ange beil , g aetected. StaJmor. 
generally, because the identifier (e.g. the LicenseKeyString, of the invention is 
a unique key mathematically derived from a particular tex, string the, 
specifies license terms for a particular end user program (e.g. the 
LicenseAgreementString,, the identifier can be used to detect any changes to 
20 the license terms. TUs prevents unauthorized modification of the tex, string 
from extending use of a resource library to an unficensed program For 
example, if an end user attempts to modify the expiration date using a 
debugger or machine language editor, the identifier will no longer match the 
license tex, string. Without lowing the private key of the vendor, me end 
25 user cannot generate a matching identifier. 
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When a 127-bit private key's is used by the vendor to' create the 
identifier used in the present invention, a determined hacker attempting to 
forge the private key would need to exhaustively search the 127-bit space, 
requiring extensive computing resources and an impractical amount of time 
5 Thus, the protection provided by the present invention cannot easily be 
cracked and the security of the invention as a whole is extremely high. 

In addition to allowing per program resource library licensing, if the 
API vendor or licensor desires to grant a site license for the API to the end 
10 user, so that the API is licensed for use with any number of application 
programs, the API may be provided with a LicenseKeyString and a 
LicenseAgreementString providing for such unrestricted use. In this 
embodiment, the API vendor provides a .lie license key aMr ff 
auLh'--izat:cri v- • xr.r. r ...... 

15 end user programs at that site ,,,, , ite license ksy string comprises a digital 
signature of a site license agreement string created by the API vendor. The site 
license agreement string may be pre-embedded in the API by the vendor. 
During installation of the API, an installation program provided with the API 
asks the end user whether a site license key is known. If so, the end user 
20 enters the site license key, and the installation program writes the site license 
key to a reserved location in the API. Thereafter, when the API initializes, the 
API tests for the presence of the site license key. If it is present, and it 
comprises a valid digital signature for the site license text string stored 
elsewhere in the API, the API is permitted to be used with any application 
25 program which is calling it. 
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OpenStep API 

In one embodiment of the invention, the API used is the object- 
oriented OpenStep API 820 shown in Figure 8. A specification of the 
5 OpenStep API has been published by NeXT Software, Inc. under the title 
"OPENSTEP SPECIFICATION/' dated October 18, 1994. Implementations of 
the OpenStep API include implementations for the Windows NT and Solaris 
operating systems that are available from NeXT Software, Inc. and SunSoft, 
Inc., respectively. 

As shown in Figure 8, the OpenStep API 820 comprises computer 
program code organized as an Application Kit 802, Foundation Kit 808, and 

Display Postscript™ system 804. (Display Postscript™ is a trademark of Adobe 

3yr : < IT:*. ' ^"oorr.rf>:i.) 

Application Kit 802 provides basic resources for interactive application 
programs that use windows, draw on the screen, and respond to user actions 
on the keyboard and mouse. Application Kit 802 contains components that 
define the user interface. These components include classes, protocols, C 
language functions, constants and data types that are designed to be used by 
virtually every application running under the OpenStep API. A principal 
purpose of Application Kit 802 is to provide a framework for implementing a 
graphical, event-driven application. 

Foundation Kit 808 provides fundamental software functions or 
building blocks that application programs use to manage data and resources. 
Foundation Kit 808 defines basic utility classes and facilities for handling 
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multi-byte character sets, object persistency and distribution and provides an 
interface to common operating system facilities. Foundation Kit 808 thus 
provides a level of operating system independence, enhancing the developer's 
ability to port an application program from one operating system to another. 

5 

Display Postscript system 804 provides a device-independent imaging 
model for displaying documents on a computer screen. Display Postscript is 
defined by Adobe Systems Incorporated. Display Postscript system 804 
provides an application-independent interface to Postscript. 

10 

Separate from the API 820, but also logically located between the 
application program 800 and the operating system 810, is a set of device 

dependent Vvindoi'Vmg c;:ter.sior..s 806. T^xto^sions 806 enable rM=sI«y 
p. , sr. ript --yste^. ::-4 to •:cm: • v;rh tr\:: --fie gvophir- :v--; «•■ .jicy 
15 hardware in th-2 -^d users computer system, such as the %'ideo memory or 
other video display hardware. 

Figure 13 illustrates an embodiment of the invention used with the 
OpenStep API of Figure 8. As shown in Figure 13, in this embodiment, the 

20 license text string and the license key string of the invention are implemented 
in a property list area 1302 (Info.plist) of the application program code 800. 
Two string properties are added to the property list area 1302: 
NSLicenseAgreement 1304, that stores the software license terms applicable to 
application program 800, and NSLicenseKey 1306, that stores the license key 

25 corresponding to NSLicenseAgreement 1304. In this embodiment, as in the 
embodiment of Figure 9, NSLicenseKey 1306 is derived from the 
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NSLicenseAgreement string 1304 generated from the license agreement string 
using a digital signature process and a vendor's private key. 

Example values of the two strings placed in the Info.plist are shown in 
5 Table 2. 

Table ? ~ Info.plist Strings 

NSLicenseKey = "Ab76LY2<3bbO0GqK2KY17BqHy3S w ; 

NSLicenseAgreement = M (c) Copyright 1996, EOF Adc30nTools 
10 Inc., ReportWrit-er licensing agreement: This is 

demonstration software valid until November 2, 1996. 
This software cannot be legally copied."; 

In the OpenStep embodiment of Figure 13, the UNLOCK function 1308 

15 is implemented as part of Application Kit 802. Jn one embodiment, UNLOCK 

HUk'.'ion "jr:i?a is :-^pler.-.ci V-cct 1 - y addhv T <: -reprice c:-dc 2 .-.-red:.;i-»?£ih-J.c 

private Applied;;:-- Kit function (such ' - -^h^, ^ AppZcr^ w 

NSApplication.m). An example of source code that may be added is shown in 
Table 3. 



20 



Table 3 -> UNLOCK Code added in OpenStep API Implementation 



static BOOL licenseChecked = NO; 
if ( ! licenseChecked) 
25 { 

NSDictionary *info; 

NSString *key, * agreement; 

/* First check the unlimited (per-site) license */ 
info = [NSDictionary 
30 dictionaryWithContentsOf File : @ " /OpenStep/ AppKit .dll/Inf o 

.plist" ]; // real path TBD 

key = [ info objectForKey :Xi "NSLicenseKey " ] ; 
agreement = [info 
obj ectForKey : ® "NSLicenseAgreement " ] ; 
35 if ( !NSCheckLicense<key , aareement) ) 

{ 

/* now check for the per-app license */ 

info = [JNSBundle mainBunc31e] inf oDictionary] ; 
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key = [info objectForKey : @ "NSLicenseKey w ] ; 
agreement = [info 
obj ectFcrKey : @ "NSLicenseAgreement " ] ; 

if ( ! NSCheckLicense (key , agreement) ) 
{ 

NSLog (©'■*** Sorry no valid license for 
%@" , [NSApp appNaine] ) ; 

} 

} 

licenseChecked = YES; 
} 



The NSCheckLicense() function, which is called twice in the code 
segment of Table 3, as shown in Figure 13, is implemented in the Foundation 
15 Kit portion 808 of the OpenStep API 820. The NSCheckLicense function 1310 
corresponds to the CHECK LICENSE function 921 illustrated in Figure 9. The 
NSCheckLicense function 1310 verifies NSLicenseAgreement string 1304 
using NSLicenseKey string 1306 and a digital signature authentication process. 
Ti>: NRJiclIO -z^nse inct 131 C> u i s ^ol^cwii?^ ' ; :%^tir- 

20 

extern BOOL NSCheckLicense (NSString *licenseKey, 
NSString * licenseAgreement ) ; 

The NSCheckLicense function 1310, like the Check License function 921 of 
25 Figure 9, applies a CHECK function 1312 to NSLicenseAgreement string 1304 
and NSLicenseKey 1306, using the API vendor s public key, to determine the 
validity of NSLicenseAgreement string 1304. In the embodiment of Figure 13, 
CHECK function 1312 includes in its code a copy of the API vendors public 
key 1314. 

30 

In the embodiment of Figure 13, API 820 includes a "GEN" process 1316 
that can be used by an API vendor to rapidly generate license key strings for 
use by CHECK function 1312. GEN process 1316 receives as input a license 
agreement string and a secret private key, and produces as output a licensing 
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key string, using a digital signature generating process. The private key may, 
for example, be a 127-bit private key, although any other size private key may 
be used. The signature generating process used by GEN process 1316 is 
compatible with the digital signature authentication process used by CHECK 
5 function 1312. GEN process 1316 itself can be made entirely public and 

implemented in the API provided that the private key of the API vendor is 
maintained in secrecy. For example, the GEN process can be part of the 
OpenStep API Foundation Kit 808 as shown in Figure 13. GEN also can be 
maintained in a separate program module. 



10 



The logical relationship between GEN and CHECK is: 

CHECK(GEN(LicenseAgreementString, PrivateKey), Public Key 

Licer.seAgreementString) => YES 



_ T — ... T , . 



In one embodiment of the invention, a shell is provided for the GEN 
process. The shell can receive as input a license agreement template string, 
20 such as: 

(c) Copyright 1995, %§, %<a licensing agreement; Demo 
software valid until %<?; This agreement cannot be 
legally copied 



25 



30 



where %@ represents additional data to be provided by the API vendor. The 
shell then asks the user (i.e. the API vendor) to input the additional data, for 
example a company name, a product name, an expiration date, from which 
the shell generates a specific license agreement string. The shell then asks for 
the private key and applies GEN to create a corresponding license key. 
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The same shell can be used for per-program license keys or per-site 
license keys, using different templates. 

In one embodiment of the invention, an installer program is provided 
5 for installing a resource library on an end user computer. The installer 
program is provided with a feature enabling the end user to provide-a* site 
license key during installation. For example, if the resource library is the 
OpenStep API, additional code is added to the OpenStep API installer 
program. The user is asked during the installation of the resource library if 

10 the user has obtained a per-site license. If the user replies yes, the user is asked 
to enter the site license key string. In one embodiment, the user is also asked 
to enter the site license agreement string. In another embodiment, the site 
license agreement string is stored in the resource library, such as, for example, 
i- the C»:^$rr 7 . AFX VLL A^pnc-:^;^ Kit'.-: "rvfc.pj^t .rce The -te 

15 license key -ar»- ji\e license agreement are validated by the CHECK !.!■'..::" "SE 
function as described above. Use of the resource library is permitted only if 
the site license key string input by the user corresponds to (i.e. is found to 
comprise the resource library vendor's digital signature of) the site license 
agreement string. 

20 



The present invention may be used with resource libraries such as Java 
class files, Java applets, and Java bytecode packages. Figure 14 illustrates an 
25 embodiment of the invention in which the resource library is a Java applet. 
In the embodiment shown in Figure 14, an applet is called from an HTML 
page 1402 via applet tag 1404. Applet tag 1404 includes the name of the 
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applet's class file and applet parameters 1406. Applet parameters 1406 include 
a license agreement string parameter 1408 and a license key string parameter 
1430. License agreement string parameter 1408 specifies a license agreement 
string that contains terms of a license to use the called for applet. License key 
string parameter 1410 specifies a license key used to authenticate the license 
agreement string. As in other embodiments of the invention, in this 
embodiment, the license key string comprises a digital signature by the 
resource library (applet) vendor of the license agreement string. Table 4 
illustrates an example of applet tag 1404. 

Table 4 

<pl^V^-l^l e l- ClaSSn "IDTH=2S0 HEIGHT=75> 
o^f r ^^:^ C f nSeA9r ? eiTientstrin 9 VALUE="Web page 

licen ^ed to use applet 'Acplet .class • > 

</-ipW^ A ~" 3 ' CeRj5e ' Ke - ?i ' :5ring V7 ' lUE:1 " 2 J«50S 43eck2r txOkzq - > 

In the example of Table 4, the license agreement string spcoiies the 
name of the HTML page Cord erf orm. html") and the name of the licensed 
applet ("applet.class"). 

As shown in Figure 14, applet 1434 is accessed when HTML page 1402 is 
loaded by a HTML browser 1430 running in a client computer 1420. In the 
embodiment of Figure 14, HTML browser 1430 runs on top of an API 1424 
which in turn runs on lop of operating system 1422. HTML browser 1430 
includes a Java virtual machine 1432 for running Java applets. 

Upon encountering applet tag 1404 while loading HTML page 1402, 
30 HTML browser 1430 retrieves the class files that constitute applet 1434 from 
storage locations on client computer 1420 and /or from one or more server 



20 



25 
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computers, as applicable. One of the class files includes CheckLicense class file 
1436. After HTML browser 1430 has retrieved all the required components of 
applet 1434, applet 1434 is initialized. During initialization, or at a later time, 
the CheckLicense function provided by CheckLicense class file 1436 is called. 
5 As in other embodiments of the invention, the CheckLicense function 

determines whether the requesting entity (HTML page 1402) possesses a valid 
license to use the requested resource (applet 1434) by testing the authenticity of 
the license specified by LicenseAgreementString parameter 1408 using the 
license key specified by LicenseKeyString parameter 1410 and the applet 
10 vendor's public key 1438. If the CheckLicense function determines that HTML 
page 1402 possesses a valid license, applet 1434 is allowed to execute. If not, 
execution of applet 1434 is terminated, and an error message is sent to HTML 
browser 1430. 

15 7: ;•::*/.. til* unproved method and apparatus for enforcing 

licenses has been presented. Although the present invention has been 
described with respect to certain example embodiments, it will be apparent to 
those skilled in the art that the present invention is not limited to these 
specific embodiments. For example, although the invention has been 

20 described for use in stand-alone computer systems, the invention can be used 
to enforce licenses in a network environment as well. Further, although the 
operation of certain embodiments has been described in detail using specific 
software programs and certain detailed process steps, different software may be 
used, and some of the steps may be omitted or other similar steps may be 

25 substituted, without departing from the scope of the invention. Other 

embodiments incorporating the inventive features of the present invention 
will be apparent to those skilled in the art. 
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CLAIMS 

1. In a computer operating environment comprising a software 
5 program and a software resource, an apparatus for limiting use of said 
software resource comprising: 

an access authorization indicator associated with said software program; 
means in said software resource for reading said access authorization 
indicator; 

0 means in said software resource for determining whether said access 

authorization indicator is valid; 

means for allowing access by said software program to said software 
resource only if said access authorization indicator is determined to be valid. 



2. ihe apparatus of claim J wherein said access nuih::: .^Licn 
indicator comprises terms of a license for use of said software resource. 

3. The apparatus of claim 1 wherein said access authorization 
indicator comprises terms of a site license. 

20 

4. The apparatus of claim 1 wherein said access authorization 
indicator is embedded in said software program. 

5. The apparatus of claim 1 wherein said software resource 
25 comprises an API. 
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6. The apparatus of claim 1 wherein said software resource 
comprises a runtime library. 

7- The apparatus of claim 1 wherein said software resource 
5 comprises a dynamic link library. 

8. The apparatus of claim 1 wherein said software resource 
comprises an applet. 

10 9. The apparatus of claim 1 wherein said software resource 

comprises a bytecode package. 

10. The apparatus of claim 1 wherein said software resource 

lb 

11. The apparatus of claim 4 wherein said access authorization 
indicator is specified in a constant declaration area of said software program. 

12. The apparatus of claim 4 wherein said access authorization 
20 indicator comprises a property of a property list of said software program. 

13. The apparatus of claim 1 further comprising an identifier 
associated with said access authorization indicator and wherein said means for 
determining the validity of said access authorization indicator comprises 

25 means for determining whether said access authorization indicator is valid 
based on said identifier. 
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14. The apparatus of claim 13 further comprising means for 
receiving said identifier from an end user. 

15. The apparatus of claim 14 further comprising means for storing 
5 said identifier in said software resource. 

16. The apparatus of claim 13 wherein said identifier is embedded in 
said software program. 

10 17. The apparatus of claim 13 wherein said identifier comprises a 

digital signature of said access authorization indicator. 

18. The apparatus of claim 16 wherein said identifier is specified in a 

--rrwani dcJ.;.;vr-:" area nS .~-Jd cofr..v...-:- pro^-im- 

15 

19. The apparatus of claim 16 wherein said identifier comprises a 
property of a property list of said software program. 

20. The apparatus of claim 17 wherein said means for determining 
20 whether said access authorization indicator is valid based upon said identifier 

comprises a means for digital signature authentication. 

21. The apparatus of claim 2 further comprising means for 
determining whether said terms of said license are met. 

25 
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22. The apparatus of claim 13 wherein: , 

said software program comprises said access authorization indicator and 
said identifier; 

said access authorization indicator comprises terms of a license for use 
5 of said software resource; 

said identifier comprises a digital signature of said access authorization 
indicator. 

23. In a computer operating environment, a method for limiting use 
10 of a software resource comprising: 

receiving a request from a software program to use said resource; 
obtaining an access authorization indicator associated with said 

software program; 

«;!:• -cijni:'..r.;; vv-.eth^r •• .-id av^ho^rai^;.^ ir-* 5 "'■:*» or ?c v^Ho; 

15 aljowing said software program to use said ircilware tc^ovo'cg only if 

said access authorization indicator is determined to be valid. 

24. The method of claim 23 wherein said access authorization 
indicator comprises terms of a license for use of said software resource. 

20 

25. The method of claim 24 wherein said license comprises a site 
license. 

26. The method of claim 23 wherein said access authorization 
25 indicator is embedded in said software program. 
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27. The method of claim 23 wherein said software resource 
comprises an API. 

28. The method of claim 23 wherein said software resource 
5 comprises a runtime library. 

29. The method of claim 23 wherein said software resource 
comprises a dynamic link library. 

10 30 - The method of claim 23 wherein said software resource 

comprises an applet. 

31. The method of claim 23 wherein said software resource 

15 

32. i ne method of claim 23 wherein said software resource 
comprises an OLE enabled application program. 

33. The method of claim 26 wherein said access authorization 

20 indicator is specified in a constant declaration area of said software program. 

34. The method of claim 26 wherein said access authorization 
indicator comprises a property of a property list area of -said software program. 



BNTSOOCID: <WC 9905600A2J_> 



WO 99/05600 



43 



PO7US98/15340 



35. The method of claim 23 wherein said determining the validity of 
said access authorization indicator comprises determining whether said access 
authorization indicator is valid based on an identifier associated with said 
access authorization indicator. 

5 

36. The method of claim 35 further comprising accepting said 
identifier from a user. 

37. The method of claim 36 further comprising storing said identifier 
10 in said software resource. 

38. The method of claim 35 wherein said identifier is embedded in 

said software program. 

15 39. The method of claim 35 \vhereir. sai^ :■ dentil comprises a 

digital signature of said access authorization indicator. 

40. The method of claim 38 wherein said identifier is specified in a 
constant declaration area of said software program. 

20 

41. The method of claim 38 wherein said identifier comprises a 
property of a property list area of said software program. 

42. The method of claim 35 wherein a digital signature 
25 authentication means is used in determining whether said access 

authorization indicator is valid based upon said identifier. 



< WO P90b600A2_ l_> 



WO 99/05600 



44 



PCT/US98/J5340 



43. The method of claim 24 further comprising determining 
whether said terms of said license are met. 

44. The method of claim 35 wherein: 

5 said software program comprises said access authorization indicator and 

said identifier; 

said access authorization indicator comprises terms of a license for use 
of said software resource; 

said identifier comprises a digital signature of said access authorization 
30 indicator. 

45. A program storage device readable by a'machine, tangibly 
embodying a program of instructions executable by the machine to perform a 

J '■ - " -•• • " • ^eo- so-.n •...•ethr.d i.omprisinx-: 

35 receiving a request from a software program tc v.::i , .-•*; resource; 

obtaining an access authorization indicator associated with said 
software program; 

determining whether said access authorization indicator is valid; 
allowing said software program to use said software resource only if 
20 said access authorization indicator is determined to*e valid. 



46. The program storage device of claim 45 wherein said access 
authorization indicator comprises terms of a license for use of said software 
resource. 

47. The program storage device of claim 46 wherein said license 
comprises a site license. 



25 
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48. The program storage device of claim. 45 wherein said access 
authorization indicator is embedded in said software program. 

5 49. The program storage device of claim 45 wherein said software 

resource comprises an API. 

50. The program storage device of claim 45 wherein said software 
resource comprises a runtime library. 

10 

51. The program storage device of claim 45 wherein said software 
resource comprises a dynamic link library. 

b? T* ;;n:o£;;r:r.-v .-• device of J.nirA i:s wlv.:., >• scr.d joft"'- 7 -:*-*--. 
IS resource comprises - . ; 

53. The program storage device of claim 45 wherein said software 
resource comprises a bytecode package. 

20 54. The program storage device of claim 45 wherein said software 

resource comprises an OLE enabled application program. 

55. The method of claim 48 wherein said access authorization 
indicator is specified in a constant declaration area of said software program. 

25 
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56. The program storage device of claim 48 wherein said access 
authorization indicator comprises a property of a property list area of said 
software program. 

5 57 - The program storage device of claim 45 wherein said 

determining the validity of said access authorization indicator comprises 
determining whether said access authorization indicator is valid based on an 
identifier associated with said access authorization indicator. 

10 58. The program storage device of claim 57 wherein said method 

further comprises accepting said identifier from a user. 

59. The program storage device of claim 58 wherein said method 

r l-. •"vprir-.-, stov.->- said itleniiiicr :n s;vd so?' v.-.-:-re r* ;:Ouv«>-. 

60. The program storage device of claim 57 wherein said identifier is 
embedded in said software program. 

61. The program storage device of claim 57 wherein said identifier 
20 comprises a digital signature of said access authorization indicator. 

62. The program storage device of claim 60 wherein said identifier is 
specified in a constant declaration area of said software program. 

25 63. The program storage device of claim 60 wherein said identifier 

comprises a property of a property list area of said software program. 
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64. The program storage device of claim 57 wherein a digital 
signature authentication means is used in determining whether said access 
authorization indicator is valid based upon said identifier. 

5 65. The program storage device of claim 46 in which said method 

further comprises determining whether said terms of said license are met. 

66. The program storage device of claim 57 wherein: 
said software program comprises said access authorization indicator and 
10 said identifier; 

said access authorization indicator comprises terms of a license for use 
of said software resource; 

said identifier comprises a digital signature of said access authorization 



15 

67. An article of manufacture comprising: 

a computer readable medium having computer readable program code 
embodied therein for accessing a resource library, said computer readable 
program code in said article of manufacture comprising: 
20 computer readable program code embodying an access authorization 

indicator for accessing said resource library. 

68. The article of manufacture of claim 67 wherein said access 
authorization indicator comprises terms of a license for use of said software 

25 resource. 



BNSDOCID: <WC ©90S6OOA2J_> 



WO 99/05600 

PCTAJS98/1S340 

48 



69. The article of manufacture of claim 67 wherein said computer 
readable program code comprises a software program and wherein said access 
authorization indicator is embedded in said software program. 

5 70. The article of manufacture of claim 67 wherein said software 

resource comprises an API. 

71. The article of manufacture of claim 67 wherein said software 
resource comprises a runtime library. 

10 

72. The article of manufacture of claim 67 wherein said software 
resource comprises a dynamic link library. 

15 resource comprises an auw -v. 

74. The article of manufacture of claim 67 wherein said software 
resource comprises a bytecode package. 

20 75 ' The article of manufacture of claim 67 wherein said software 

resource comprises an OLE enabled application program. 

76. The article of manufacture of claim 69 wherein said access 
authorization indicator is specified in a constant declaration area of said 
25 software program. 
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77. The article of manufacture of claim 69 wherein said access 
authorization indicator comprises a property of a property list of said software 
program. 

5 78. The article of manufacture of claim 67 further comprising 

computer readable program code embodying an identifier associated with said 
access authorization indicator. 

79. The article of manufacture of claim 78 wherein said identifier is 
10 embedded in said software program. 

80. The article of manufacture of claim 78 wherein said identifier 

comprises a digital signature of said access authorization indicator. 

15 81. The article of manufacture of claim 78 wherein said ;c**iufier is 

specified in a constant declaration area of said software program. 

82. The article of manufacture of claim 78 wherein said identifier 
comprises a property of a property list of said software program. 

20 

83. The article of manufacture of claim 78 wherein: 

said software program comprises said access authorization indicator and 
said identifier; 

said access authorization indicator comprises terms of a license for use 
25 of said software resource; 

said identifier comprises a digital signature of said access authorization 
indicator. 



BNSDOCID: <WC P905600A2J_> 



PCT7US98/I5340 



1/12 



Application Program 




Z —J 


Operating System , ^ 







120 



FIG. 1 



110 




100 



I 



220 



Resource Library "n^ 

JJL_ 2,6 



F/G. 2 



Operating System 



J * 



110 



Computer Hardware 



■too 



SUBSTITUTE SWEET <FiULE 26) 



WO 99/05600 



PCTAJS98/15340 



2/12 



FIG. 3 



300 



Application Program 1 



r 



Resource 
Library 1 



320 



Application Program 2 



Resource 
Library 2 



330 



T 



310 



Resource 
Library 3 



340 



Operating System 



110 



"oinpuier Hardware 



SUBSTITUTE SHEET (RULE 26) 



BNSDOCID: <WO P9DS600A2_L> 



WO 99/05600 



PCT/DS98/J5340 



3/12 



FIG. 4 



r 



410 



Display 
divice 



400 



r 



Network 
interface 



440 



CPU 



Printer 



input device 




Mass storage. 



420 



Removable ' 



Media 



425 



SUBSTITUTE SHEET (RULE 26) 



BVSDOCID *WC__9S05800A2^|_ 



WO 99/05600 



PCT/US98/15340 



4/12 



Application Program 



Prog. Lie. Mod. 



510 



220 



500 



R.L. Lie. Mod. 



Resource Library 



215 FIG. 5 



Operating System 



110 



Computer Hardware 



610 



Prog. Lie. Mod. 



Lie. Text Str. 
License Kev 



510 



600 



500 



FIG. 6 



License 
Verification 

R.L. Lie. Mod. 



620 



BNSOOCID: <WC &&05600A2J. > 



SUESTITUTE SHEET (RULE 26) 



WO 99/05600 



5/12 



PCT/US98/I5340 



FIG. 7 



700 



Program sends 
request message 
to resource library 



n 

705 



R.L. obtains 
program's licence 
text and license key 



710 



R.L. verifies license 



725 





Yes 



Access denied 



h 



r 13 



Access granted 



Check License 
Terms 



735 



730 



740 





7 



750 



Access Denied 



SUBSTITUTE SHEET (flULE 26) 



WO 99/05600 PCTAJS98/15340 



6/12 



820 



FIG. 


8 


Application 


Program 


Application Kit 


Display Postscript 




System 






Foundation 



800 



602 




BN'SDOOD: «WO ©9056O0AZJ. ? 



SUBSTITUTE SHEET {BULE 26) 



WO 99/05600 



PCT/US98/1S340 



7/12 



FIG . 9 



901 





Application Program 






constant Declarations 






LicenseKeyStrincj 






LicenseAgreementString , 












r- ' 



900 

902 
*904 



92c 



921 



CHECK LICENSE 

1 CHECK 1 



> 


> 


c ■ • 


Operating System 



922 



9TO 



SUBSTITUTE SHEET {RULE 26) 



B\»SDOClD: <WO_990£*0OAf_» > 



WO 99/05600 



PCTAJS98/15340 



Start UNLOCK 


function 




> 


f 



Bead LicenseKey- 
String and License- 
AgreementString 
from API 



8/12 



1002 



FIG. 10 



1004 




j 1 ring and License- 
AgreementString 
from calling entity 



1006 




SUBSTITUTE SHEET {RULE 26) 



BN'SDOCID: <WO 99066O0A2_L> 



WO 99/05600 



PC7YUS98/J5340 



Start CHECK 
LICENSE function 



9/12 



1102 



1104 



Assemble Public Key, 
LicenseKeyString 
and License- 
AgreementString 
as argument 



1108 




Call CHECK 
function 



in; 



1114 



LicenseAgreementString^ ^ 



LicenseKeyString 



Vendor Public Key J 

1106 



F/G. 7) 




1116 



8NSDOCID: *WC_S90S600AJJ. 



SUfiSTlTUT€ SHEET <fiUL€ 26) 



WO 99/05600 



PCT/US98/15340 



10/12 



1202 



1203 



Start CHECK 
function 


> 


f 


Receive 

LicenseKeyString, 
LicenseAgmtString, 
and vendor pub.key 







1204 



Verify that 
LicenseKeyString 
comprises digital 
signature of 
LicenseAgmtString 



FIG. 12 



1210 




Return FAIL 



1212 



BNJSDOCID: <WO 99OS6O0A2_l_> 



SUBSTITUTE SHEET (RULE 26) 



>VO 99/05600 



PCT/US98/I5340 



11/12 



FIG. 13 



800 



.1302 



Application Program 



820 



r 



804 



Info.olist 



Z 



: NSLicenseAqreement ; 



NSLicenseKey 



Application Kit 



Unlock 




Display Postscript 
System 



Foundation 
Kit 



Device-Dependent 
Windowing 

Extensions 



1304 



802 
1310 



SUBSTITUTE SHEET <fRUL€ 26) 



WO 99/05600 



PCTAJS98/15340 



12/12 



FIG. 14 



.1402 



r 



1404 



HTML Page 



Applet Tag 



Applet Parameters 



LicAgrntString 



LicenseKeyString 



1410 



7^ 



1406 



1408 



432- 



7 



1430 



HTML Browser 
•1434 



Applet 



1438 



— \ 



1436 



CheckLicense 



Vend. Pub. Key 



Java Virtual Machine 



API 



1422 



Client Computer 



1420 



SUBSTITUTE SHEET (RULE 26) 



BNSDOCID: <WO 990b600A2J_> 



THIS PAGE BLANK (uspto) 



